Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
File: 52630693-0f5d-4126-ba07-ad0c0c999660.roa (raw, json)
Hash identifier: X+UCfRsbBhSzzp3Sf8XDbSeJ1KbXq0scDHIp7RGbqJc=
Subject key identifier: E8:2D:6E:BC:A5:A5:9B:82:AC:B2:BA:16:13:37:56:9A:37:02:53:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E7A1E5B14CA18FAEDDE3B2691963451F67FC809
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:7a:1e:5b:14:ca:18:fa:ed:de:3b:26:91:96:34:51:f6:7f:c8:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=dcfd971c35dafc847916ef293eaf43e90ee19f39a3ae21102171d6aafe746ae7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1b:1d:f1:18:cc:0a:26:a5:e3:16:c5:8a:4e:
89:49:1c:85:f2:03:af:60:03:17:e1:e7:1c:74:e9:
d0:02:fc:b0:16:ac:43:11:9e:b5:36:80:a4:3f:31:
59:8e:60:46:88:33:23:72:cc:43:3e:35:b3:d7:22:
48:d0:d5:95:3d:1a:a7:d0:07:70:3c:ba:71:71:8f:
17:b1:6f:7b:28:1c:54:0a:50:09:d3:c3:2d:67:21:
ce:34:15:47:83:01:24:0d:d9:33:55:e3:63:e3:7c:
e8:d1:87:a9:cb:80:0a:16:ee:48:b5:58:8a:0f:d9:
4a:6e:ad:f4:c6:42:23:e1:22:af:82:e2:d3:fc:17:
a5:ba:56:d2:7e:2d:8a:02:5a:bb:f1:44:0a:4a:78:
b5:6d:2c:d9:89:0e:88:2a:f0:12:da:c0:db:67:66:
d5:a9:94:e9:e4:f9:ba:70:b6:5b:74:bd:4a:f8:cd:
f6:ab:a7:07:e6:20:5b:35:77:9e:d3:b3:df:71:21:
81:7a:a5:1b:fd:b8:b8:09:8c:b8:52:22:63:80:bf:
dc:27:51:0c:af:71:16:e1:f2:94:53:10:d7:63:4a:
26:46:66:ae:05:e2:91:19:14:5a:a9:ee:4d:46:ec:
bf:10:dc:8f:eb:6e:a0:e9:63:2d:45:1b:e2:03:30:
db:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2D:6E:BC:A5:A5:9B:82:AC:B2:BA:16:13:37:56:9A:37:02:53:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:e000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:1e:cf:1d:81:b9:5d:60:42:08:3e:8c:5e:5a:ed:1d:51:e3:
d2:d8:0b:b8:06:b3:68:f8:54:13:73:41:d2:51:7b:65:81:66:
8c:89:57:90:60:c8:56:43:80:6f:8b:30:55:74:5d:15:21:a9:
03:c0:76:d3:cb:6d:27:47:c4:ad:e6:cc:67:a4:4d:0b:00:a1:
ad:30:06:5e:76:7b:15:54:2b:95:35:27:4b:05:a3:07:e6:03:
6a:ae:35:b8:48:68:e0:06:a6:c7:6f:20:dc:3e:e3:18:db:0b:
3a:2a:58:55:66:3b:a4:b9:da:d3:4f:ff:b0:20:5b:5b:f0:17:
3a:de:52:93:ea:8a:f2:26:fe:2b:71:cd:c3:f0:5b:02:a7:2f:
70:b4:66:3e:88:83:39:57:0e:ec:0e:5d:96:a7:14:09:a2:ea:
cf:6b:c4:9c:10:c5:dc:b0:51:cd:80:4a:eb:98:73:bd:4e:21:
a0:87:97:5f:6b:25:78:8a:71:8a:2a:10:7b:25:79:70:1a:61:
41:68:3f:a6:2b:b5:05:9b:2c:c8:00:13:ff:a5:6c:fe:d5:12:
6d:02:e6:69:98:c3:81:eb:29:ff:96:57:06:32:d4:b7:03:9b:
84:91:8b:42:c3:b5:cd:14:d6:d2:c3:b1:c5:60:32:05:6e:cf:
df:d1:79:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbnoeWxTKGPrt3jsmkZY0UfZ/yAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjZmQ5NzFjMzVkYWZjODQ3OTE2ZWYyOTNlYWY0M2U5MGVlMTlmMzlhM2Fl
MjExMDIxNzFkNmFhZmU3NDZhZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEbHfEYzAompeMWxYpOiUkchfIDr2ADF+HnHHTp0AL8sBasQxGetTaApD8x
WY5gRogzI3LMQz41s9ciSNDVlT0ap9AHcDy6cXGPF7FveygcVApQCdPDLWchzjQV
R4MBJA3ZM1XjY+N86NGHqcuAChbuSLVYig/ZSm6t9MZCI+Eir4Li0/wXpbpW0n4t
igJau/FECkp4tW0s2YkOiCrwEtrA22dm1amU6eT5unC2W3S9SvjN9qunB+YgWzV3
ntOz33EhgXqlG/24uAmMuFIiY4C/3CdRDK9xFuHylFMQ12NKJkZmrgXikRkUWqnu
TUbsvxDcj+tuoOljLUUb4gMw220CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBToLW68
paWbgqyyuhYTN1aaNwJT2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MzA2OTMtMGY1ZC00MTI2LWJhMDctYWQwYzBjOTk5NjYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHg
MA0GCSqGSIb3DQEBCwUAA4IBAQAvHs8dgbldYEIIPoxeWu0dUePS2Au4BrNo+FQT
c0HSUXtlgWaMiVeQYMhWQ4BvizBVdF0VIakDwHbTy20nR8St5sxnpE0LAKGtMAZe
dnsVVCuVNSdLBaMH5gNqrjW4SGjgBqbHbyDcPuMY2ws6KlhVZjukudrTT/+wIFtb
8Bc63lKT6oryJv4rcc3D8FsCpy9wtGY+iIM5Vw7sDl2WpxQJourPa8ScEMXcsFHN
gErrmHO9TiGgh5dfayV4inGKKhB7JXlwGmFBaD+mK7UFmyzIABP/pWz+1RJtAuZp
mMOB6yn/llcGMtS3A5uEkYtCw7XNFNbSw7HFYDIFbs/f0XlW
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org